Classification

Description

The remote host is running a version of Cisco AnyConnect earlier than 2.5 MR6 / 3.0 MR8.
Such versions are potentially affected by multiple vulnerabilities:

– The WebLaunch VPN downloader implementation does not
properly validate the binaries it receives, which can
allow remote attackers to execute arbitrary code via
ActiveX or Java components (CVE-2012-2493).

– The WebLaunch VPN downloader implementation does not
compare the timestamps of software offered for installation
with those of the currently installed software, which may
allow remote attackers to downgrade the software via ActiveX
or Java components (CVE-2012-2494, CVE-2012-2495).